aboutsummaryrefslogtreecommitdiff
path: root/lib/libfetch
diff options
context:
space:
mode:
authorDag-Erling Smørgrav <des@FreeBSD.org>2026-02-07 14:24:40 +0000
committerDag-Erling Smørgrav <des@FreeBSD.org>2026-02-07 14:24:40 +0000
commit4e160c6197f75fda3d5d5997ce893087058cf718 (patch)
tree10cf874757752406eff3f8c1de04e8498595bfe0 /lib/libfetch
parent4548149a81026ad9b1706b2b7e7ad47a4c1358b6 (diff)
Diffstat (limited to 'lib/libfetch')
-rw-r--r--lib/libfetch/common.c10
-rw-r--r--lib/libfetch/common.h1
2 files changed, 7 insertions, 4 deletions
diff --git a/lib/libfetch/common.c b/lib/libfetch/common.c
index 9b36a9e61a75..ec010909218b 100644
--- a/lib/libfetch/common.c
+++ b/lib/libfetch/common.c
@@ -1182,8 +1182,11 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
X509_NAME *name;
char *str;
- conn->ssl_meth = SSLv23_client_method();
- conn->ssl_ctx = SSL_CTX_new(conn->ssl_meth);
+ if ((conn->ssl_ctx = SSL_CTX_new(TLS_client_method())) == NULL) {
+ fprintf(stderr, "SSL context creation failed\n");
+ ERR_print_errors_fp(stderr);
+ return (-1);
+ }
SSL_CTX_set_mode(conn->ssl_ctx, SSL_MODE_AUTO_RETRY);
fetch_ssl_setup_transport_layer(conn->ssl_ctx, verbose);
@@ -1194,7 +1197,8 @@ fetch_ssl(conn_t *conn, const struct url *URL, int verbose)
conn->ssl = SSL_new(conn->ssl_ctx);
if (conn->ssl == NULL) {
- fprintf(stderr, "SSL context creation failed\n");
+ fprintf(stderr, "SSL connection creation failed\n");
+ ERR_print_errors_fp(stderr);
return (-1);
}
SSL_set_fd(conn->ssl, conn->sd);
diff --git a/lib/libfetch/common.h b/lib/libfetch/common.h
index 7396c8a68ab6..06089aae5451 100644
--- a/lib/libfetch/common.h
+++ b/lib/libfetch/common.h
@@ -56,7 +56,6 @@ struct fetchconn {
SSL *ssl; /* SSL handle */
SSL_CTX *ssl_ctx; /* SSL context */
X509 *ssl_cert; /* server certificate */
- const SSL_METHOD *ssl_meth; /* SSL method */
#endif
int ref; /* reference count */
};
generated by cgit v1.3 (git 2.53.0) at 2026-04-18 04:16:02 +0000